deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

package/jq: security bump to version 1.6

Browse source 
- Fix CVE-2015-8863 and  CVE-2016-4074:
  https://github.com/stedolan/jq/issues/1406
- Add hash for license file
- Disable oniguruma (enabled by default)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2019-03-20 20:10:01 +01:00 committed by Peter Korsgaard
parent d693ae7dc5
commit 3a026d650c
2 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
package/jq/jq.hash
View file

@ -1,2 +1,3 @@
# Locally calculated
sha256 c4d2bfec6436341113419debf479d833692cc5cdab7eb0326b5a4d4fbe9f493c jq-1.5.tar.gz
sha256 5de8c8e29aaa3fb9cc6b47bb27299f271354ebb72514e3accadc7d38b5bbaa72 jq-1.6.tar.gz
sha256 111136aebcbfa68b6b0084e582b30e981da76adcff84eab6f9be32a1f38c5bf1 COPYING

6
package/jq/jq.mk
View file

@ -4,7 +4,7 @@
#
################################################################################
JQ_VERSION = 1.5
JQ_VERSION = 1.6
JQ_SITE = https://github.com/stedolan/jq/releases/download/jq-$(JQ_VERSION)
JQ_LICENSE = MIT (code), CC-BY-3.0 (documentation)
JQ_LICENSE_FILES = COPYING
@ -17,8 +17,8 @@ JQ_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -std=c99 -D_GNU_SOURCE"
HOST_JQ_CONF_ENV += CFLAGS="$(HOST_CFLAGS) -std=c99 -D_GNU_SOURCE"
# jq explicitly enables maintainer mode, which we don't need/want
JQ_CONF_OPTS += --disable-maintainer-mode
HOST_JQ_CONF_OPTS += --disable-maintainer-mode
JQ_CONF_OPTS += --disable-maintainer-mode --without-oniguruma
HOST_JQ_CONF_OPTS += --disable-maintainer-mode --without-oniguruma
$(eval $(autotools-package))
$(eval $(host-autotools-package))